This is an automated email from the ASF dual-hosted git repository. gnodet pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mina-sshd.git
The following commit(s) were added to refs/heads/master by this push:
new 735d9ba [SSHD-1032] Fix possible ArrayIndexOutOfBoundsException in ChannelAsyncOutputStream
735d9ba is described below
commit 735d9ba17d19fb8e40995b367b4ec35066713954
Author: Guillaume Nodet <gno...@gmail.com>
AuthorDate: Wed Jul 22 17:45:24 2020 +0200
[SSHD-1032] Fix possible ArrayIndexOutOfBoundsException in ChannelAsyncOutputStream
---
 CHANGES.md | 1 +
 .../sshd/common/channel/ChannelAsyncOutputStream.java | 16 +++++++++-------
 2 files changed, 10 insertions(+), 7 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index 8678205..929dde1 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,5 +24,6 @@
 * [SSHD-1020](https://issues.apache.org/jira/browse/SSHD-1020) SSH connections getting closed abruptly with timeout exceptions.
 * [SSHD-1028](https://issues.apache.org/jira/browse/SSHD-1028) Fix SSH_MSG_DISCONNECT: Too many concurrent connections.
+* [SSHD-1032](https://issues.apache.org/jira/browse/SSHD-1032) Fix possible ArrayIndexOutOfBoundsException in ChannelAsyncOutputStream.
 * [SSHD-1033](https://issues.apache.org/jira/browse/SSHD-1033) Fix simultaneous usage of dynamic and local port forwarding.
 * [SSHD-1039](https://issues.apache.org/jira/browse/SSHD-1039) Fix support for some basic options in ssh/sshd cli.
diff --git a/sshd-core/src/main/java/org/apache/sshd/common/channel/ChannelAsyncOutputStream.java b/sshd-core/src/main/java/org/apache/sshd/common/channel/ChannelAsyncOutputStream.java
index beda4c9..3fc49c4 100644
--- a/sshd-core/src/main/java/org/apache/sshd/common/channel/ChannelAsyncOutputStream.java
+++ b/sshd-core/src/main/java/org/apache/sshd/common/channel/ChannelAsyncOutputStream.java
@@ -108,11 +108,13 @@ public class ChannelAsyncOutputStream extends AbstractCloseable implements IoOut
 Channel channel = getChannel();
 Window remoteWindow = channel.getRemoteWindow();
 long length;
- if (total > remoteWindow.getSize()) {
+ long remoteWindowSize = remoteWindow.getSize();
+ long packetSize = remoteWindow.getPacketSize();
+ if (total > remoteWindowSize) {
 // if we have a big message and there is enough space, send the next chunk
- if (remoteWindow.getSize() >= remoteWindow.getPacketSize()) {
+ if (remoteWindowSize >= packetSize) {
 // send the first chunk as we have enough space in the window
- length = remoteWindow.getPacketSize();
+ length = packetSize;
 } else {
 // do not chunk when the window is smaller than the packet size
 length = 0;
@@ -122,16 +124,16 @@ public class ChannelAsyncOutputStream extends AbstractCloseable implements IoOut
 pendingWrite.set(f);
 if (log.isTraceEnabled()) {
 log.trace("doWriteIfPossible({})[resume={}] waiting for window space {}",
- this, resume, remoteWindow.getSize());
+ this, resume, remoteWindowSize);
 }
 }
- } else if (total > remoteWindow.getPacketSize()) {
+ } else if (total > packetSize) {
 if (buffer.rpos() > 0) {
 // do a defensive copy in case the user reuses the buffer
 IoWriteFutureImpl f = new IoWriteFutureImpl(future.getId(), new ByteArrayBuffer(buffer.getCompactData()));
 f.addListener(w -> future.setValue(w.getException() != null ? w.getException() : w.isWritten()));
 pendingWrite.set(f);
- length = remoteWindow.getPacketSize();
+ length = packetSize;
 if (log.isTraceEnabled()) {
 log.trace("doWriteIfPossible({})[resume={}] attempting to write {} out of {}",
 this, resume, length, total);
@@ -139,7 +141,7 @@ public class ChannelAsyncOutputStream extends AbstractCloseable implements IoOut
 doWriteIfPossible(resume);
 return;
 } else {
- length = remoteWindow.getPacketSize();
+ length = packetSize;
 }
 } else {
 length = total;
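Review bot: The two snapshot locals added at the top of the first hunk carry no comment saying why the getters must not be called again, so a later cleanup could re-inline `remoteWindow.getSize()` and bring back the mixed reads this commit removes; the second and third hunks rely on the same locals. I would add above them `// read once: the window can change between calls (presumably concurrent writers or peer window adjustments), and mixed reads gave an inconsistent length`. The snapshot can also be stale by the time the chunk is actually consumed from the window, which happens outside these hunks, so it is worth confirming that step checks against the live window rather than trusting `length`. The diffstat shows no test change; a regression test that changes the window size between the size check and the write would pin the fix. The enclosing method starts and ends outside the hunks.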